On Thursday, March 07, 2013 01:11:44 PM Carl S. Gutekunst wrote:
How should the DMARC alignment checks be performed on messages that have
a null RFC5321.MailFrom?
This came to my attention because our reports from LinkedIn suggest that
when the bounce address is null, they check the SPF HELO Identity
instead. That seems reasonable, but I don't see anything about it in the
DMARC spec.
The fallback to HELO is in the SPF RFC, RFC 4408, section 2.4:
Actually, it's in section 2.2; that's why I said it's reasonable for
LinkedIn to make the check that way. But the DMARC spec only talks about
RFC5321.MailFrom. I think it's worthy of discussion whether DMARC
alignment should fall back to the HELO Identity; and if so, we'll want
to capture that in the next draft of the spec.
<csg>
_______________________________________________
dmarc-discuss mailing list
[email protected]
http://www.dmarc.org/mailman/listinfo/dmarc-discuss
NOTE: Participating in this list means you agree to the DMARC Note Well terms
(http://www.dmarc.org/note_well.html)
